(57) ABSTRACT

A secure computer system including a host computer unit having embedded in a single package, a host CPU, and an authenticating and security controlling computer, a verification unit and a smart card accepting connector providing a public-key protected communication channel between the authenticating and security controlling computer and the verification unit, in a first mode of operation of the secure computer system, and between the host CPU, via the authenticating and security controlling computer, and a smart card, via a smart card terminal, in a second mode of operation of the secure computer system, wherein communication between the authenticating and security controlling computer and the smart card terminal is unmediated, and wherein the verification unit is operative to verify the identity of the authenticating and security controlling computer in the first mode of operation.

3 Claims, 8 Drawing Sheets 
SECURE COMPUTER SYSTEM

This application is a 371 of International Application PCT/IL/00044 filed Feb. 4, 1997.

FIELD OF THE INVENTION

The present invention relates to secure computer systems in general.

BACKGROUND OF THE INVENTION 

The need for a secure computer system is well known. The need for secure computer systems falls into several categories. The need for secure capabilities which enable a computer to work in a secure environment, such as an electronic mail, remote banking, Internet, secure communications, telefax, or smart card environment is well known and falls into a first category of need. In a second category of need, it is well known that expensive computer CPU chips are often subject to theft. Unfortunately, individual expensive CPU chips cannot easily be identified, and hence the recovery of stolen CPU chips is difficult. There is therefore a need to protect expensive CPU chips.

Methods and apparatus useful in secure computing are 
described in the following patent applications, commonly 
owned with the present application, the disclosures of which 
are hereby incorporated herein by reference: 

Israel patent applications 113375 and 115534; and 

U.S. patent applications 08/154220 and 08/437,223. 

Methods and apparatus useful in secure computing are 
described in the following publications: 

D. E. Denning and M. Smid, "Key escrowing today", 
IEEE Communication Magazine, September 1994, pp. 
58-68; 

C. Gressel, R. Granot, and I. Dror, "International Cryptographic Communications Without Key Escrow", International Cryptographic Institute '95, Washington D.C., Sep. 22, 1995;

R. L. Rivest, A. Shamir, and L. Adleman, "A method for 
obtaining digital signatures and public-key cryptosystems", 
Communications of the ACM Vol. 21 #2, February 1978, pp. 
120-126; 

DES Modes of Operation, FIPS PUB 81, National Bureau of Standards, US Department of Commerce, Washington, D.C., 1981;

MC68HC05SC49, 8-bit microcomputer with EEPROM and N modulo M exponent coprocessor product preview, Motorola semiconductor technical data, Schaumburg, Ill., 1993;

MC68HC05SC30, Enhanced 8-bit microcomputer with EEPROM and N modulo M exponent coprocessor product preview, Motorola semiconductor technical data, Schaumburg, Ill., 1993;

ST16xF74 CMOS crypto-computer family ST16xF74, SGS-Thomson Microelectronics, Agrate, Italy, October 1993;

ST16CF54 CMOS MCU based safeguarded smartcard IC with modular arithmetic processor, SGS-Thompson Microelectronics, Agrate, Italy, September 1994; and

Cryptoprocessor chip includes embedded cryptolibrary, 
SGS-Thompson Microelectronics, Agrate, Italy, press 
release K491M, October 1994. 

The disclosures of the above publications and of the publications cited therein are hereby incorporated by reference. The disclosures of all publications mentioned in this specification and of the publications cited therein are hereby incorporated by reference.

SUMMARY OF THE INVENTION

The present invention seeks to provide an improved secure computer system. In the present invention, an authenticator computer is embedded in the same package with a host CPU. The embedded authenticator computer may provide secure capabilities such as those described above. The embedded authenticator computer may also provide identifying information including proof of identity. The identifying information may aid in preventing theft of the computer system and/or may aid in identification of a stolen computer system. Because the authenticator computer is embedded in the same package with the host CPU, removing the authenticator computer in order to circumvent the anti-theft capabilities thereof will generally be very difficult and/or too expensive to attempt.

There is thus provided in accordance with a preferred embodiment of the present invention a secure computer including a host CPU and an authenticator computer, wherein both the host CPU and the authenticator computer are embedded in a single package. The authenticator computer may have an identity, and the authenticator computer may provide proof of the identity upon receiving an external signal from a verifying device. The proof of the identity may include origin information and/or an audit trail. The secure computer may also include a smart card receiver, which may comprise a reader/writer card, including at least one smart card acceptor socket, each smart card acceptor socket being adapted to receive a smart card, wherein the authenticator verifies the smart card. The at least one smart card acceptor socket may include a plurality of smart card acceptor sockets.

The authenticator may control access to a controlled device. The authenticator provides data protection, including data encryption and/or data decryption. The data protection may include providing and/or verifying a digital signature.

The authenticator may protect data transmission between the secure computer and a remote device, optionally using approved protocols for transnational encryption, as well as approved protocols for authenticating the origin and contents of documents using an electronic signature.

There is also provided in accordance with another preferred embodiment of the present invention a method for securing a host computer, the method including providing a host CPU, providing an authenticator computer, and embedding both the host CPU and the authenticator computer in a single package.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated from the following detailed description taken in conjunction with the drawings in which:

FIG. 1 is a simplified pictorial illustration of a secure computer system constructed and operative in accordance with a preferred embodiment of the present invention;

FIGS. 2A-2C are simplified pictorial illustrations of alternative preferred embodiments of the system of FIG. 1, comprising alternative embodiments thereof for different packaging methods;

FIG. 3 is a simplified flowchart illustration of a preferred method of operation of the secure computer system 10 of FIG. 1;
FIG. 4 is a simplified pictorial illustration of an alternative preferred embodiment of the present invention;

FIG. 5 is a simplified pictorial illustration of a further alternative preferred embodiment of the present invention;

FIG. 6 is a simplified pictorial illustration of a still further alternative preferred embodiment of the present invention; and

FIG. 7 is a simplified block diagram illustration of the secure computer system of FIG. 1.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference is now made to FIG. 1 which is a simplified pictorial illustration of a secure computer system 10 constructed and operative in accordance with a preferred embodiment of the present invention. The secure computer system 10 comprises an authenticator computer 20. The authenticator computer 20 may be any appropriate authenticator computer, such as a cryptocomputer chip or a computer chip designed to rapidly process modular arithmetic operations useful for performing authentication, encryption, and decryption, as is well known in the art. Preferably, the authenticator computer 20 may be a model ST16CF54 available from SGS-Thompson. The authenticator computer 20 may alternatively be a MC68HC05SC49 8-bit microcomputer, commercially available from Motorola, Schaumburg, Ill., USA.

The authenticator computer 20 is embedded in a single package with a host CPU 30. The host CPU 30 may be any appropriate CPU. It is appreciated that the present invention, by providing anti-theft capabilities, is particularly useful in the case where the host CPU 30 is an expensive CPU. Preferably, in order to provide optimal anti-theft capabilities, the embedding of the authenticator computer 20 and the host CPU 30 into a single package comprises permanently bonding together the authenticator computer 20 and the host CPU 30. The system of FIG. 1 also comprises an electrically insulating, thermally conducting layer 32, covering the authenticator computer 20 and the host CPU 30. The electrically insulating, thermally conducting layer 32 may comprise ceramic or any other suitable electrically insulating, thermally conducting material. It is appreciated that alternative and/or additional methods of bonding the authenticator computer 20 and the host CPU 30 may be used, such as, for example, providing a bonding layer (not shown) between the authenticator computer 20 and the host CPU 30.

The system of FIG. 1 also comprises an external connection 35. The external connection 35 shown in FIG. 1 is arranged, by way of example only, into two smart card reader connectors 37. The external connection 35, which typically comprises a plurality of pins, is operative to provide an electrical connection between the authenticator computer and external devices such as one or more smart card readers. The external connection 35 may also be operative to provide an electrical connection to an external device comprising a verification device, as described below with reference to FIG. 6.

The term "smart card reader", as used throughout the present specification and claims, refers to any smart card device, as is well known in the art, or to any device using similar technology to provide authentication and/or transaction security. It is appreciated that a smart card device may accept a card, a key, a button, or any portable security identification item. The card, key, button, or any portable security identification item is referred to throughout the present specification and claims as a "smart card". Typically, a smart card device, as is well known in the art, comprises an embedded processor and/or memory unit which are operative to provide the authentication and/or transaction security.

Reference is now additionally made to FIGS. 2A-2C, which are simplified pictorial illustrations of alternative preferred embodiments of the system of FIG. 1, comprising alternative embodiments thereof for different packaging methods. The packaging methods of FIGS. 2A-2C are believed to simplify the interface between the secure computer system and a computer in which the secure computer system 10 is located, particularly by not occupying additional motherboard space or requiring changes to the motherboard.

FIG. 2A is an exploded view of the secure computer system 10 of FIG. 1, packaged using a lead frame packaging method. The system of FIG. 2A also comprises an adaptor 40, which is operative to connect to a plurality of conductors 42 formed on the surface of the host CPU 30. The authenticator computer 20 is in turn operatively connected to the adaptor 40. The host CPU 30 is typically positioned on top of the adaptor 40, with the adaptor 40 being positioned on top of the authenticator computer 20; this arrangement is deemed preferable in order to allow sufficient thermal conductance of the host CPU 30. It is appreciated that other physical arrangements of the authenticator computer 20, the host CPU 30, and the adaptor 40 are also possible. The adaptor 40 is operative to provide an electrical connection between the host CPU 30 and the authenticator computer 20, and also to provide an electrical connection via the external connection 35 to external devices, as explained above.

FIG. 2B is a simplified pictorial illustration of the secure computer system 10 of FIG. 1, packaged using a socketed packaging method. The packaging method of FIG. 2B is believed to be particularly useful when adding the authenticator computer 20 to an existing computer system. The system of FIG. 2B comprises an adaptor 45. The adaptor 45 comprises a plurality of conductor pins 50, designed to fit within an existing acceptor socket adapted to receive the host CPU 30. The adaptor 45 also comprises an external connector 35, as described above.

The adaptor 45 is adapted to receive the authenticator computer 20, typically inside the adaptor 45. The adaptor 45 is also adapted to receive the host CPU 30, typically on top of the adaptor 45. The adaptor 45 is operative to provide an electrical connection between the host CPU 30 and the authenticator computer 20, and also to provide an electrical connection via the external connection 35 to external devices, as explained above.

FIG. 2C is an exploded view of the secure computer system 10 of FIG. 1, packaged using a pin grid array packaging method. The system of FIG. 2C comprises a pin grid board 55, comprising a plurality of pins 60. At least some of the plurality of pins 60 extend upward above the pin grid board 55, allowing connection to an authenticator printed circuit board (PC board) 65. The host CPU 30 is mounted to the PC board 65, typically on the upper side thereof, so that a plurality of pins (not shown) on the underside of the host CPU 30 extend through holes in the PC board 65 and make electrical contact with the plurality of pins 60. The authenticator computer 20 is mounted on the pin grid board 55, typically on the upper side thereof. The PC board 65 is operative to provide an electrical connection between the host CPU 30 and the authenticator computer 20, and also to provide an electrical connection via the external connection 35 to external devices, as explained above.
It is appreciated that the embodiments of FIGS. 2A-2C 
are provided by way of example only, and that a wide variety 
of packaging methods may be used in packaging the secure 
computer system 10 of FIG. 1. 

The operation of the system of FIG. 1 is now briefly 
described. The secure computer system 10 may receive a 
request to be processed from an external device through the 
external connection 35 and operate thereon. Requests may 
also be processed internally; that is, a request may be 
initiated by the host CPU 30 and may then be processed by 
the authenticator computer 20. In the case of either an 
external or an internal request, the output of processing the 
request by the authenticator computer 20 may be provided 
either through the external connection 35 or to the host CPU 
30, which typically further processes the output. Typically, 
a request comprises a request to perform one of the follow- 
ing: a digital signature operation; a data transmission pro- 
tection operation; a data protection operation; an access 
control operation; a smart card verification operation; or a 
proof of identity operation. 

Reference is now made to FIG. 3, which is a simplified 
flowchart illustration of a preferred method of operation of 
the secure computer system 10 of FIG. 1. The method of 
FIG. 3 preferably includes the following steps: 

The authenticator computer 20 receives a request, either 
an internal request from the host CPU 30 or an external 
request from external device (step 100). The request is then 
processed according to the type of request. 

If the request is to perform a digital signature operation, 
that is, to verify or provide a digital signature, as is well 
known in the art, the authenticator computer 20 performs the 
digital signature operation (step 110). Digital signature 
operations are described, for example, in R. L. Rivest, A. 
Shamir, and L. Adleman, referred to above. Typically, the 
request to provide a digital signature operation is received 
from the host CPU 30 and the result of the digital signature 
operation is output to the host CPU 30 for further process- 
ing. 

If the request is to protect a data transmission, the 
authenticator computer 20 protects the data transmission 
(step 120). Typically, protection of a data transmission may 
include data encryption, data decryption and data 
verification, as is well known in the art. Protection of a data 
transmission may also include using an approved transna- 
tional protocol for protecting a data transmission, such as, 
for example, that described by C. Gressel, R. Granot, and I. 
Dror, referred to above. Other relevant apparatus and meth- 
ods are also described in Israel patent applications 113375 
and 115534, and in U.S. patent application 08/437,223. 
Typically, the data to be protected is received from the host 
CPU 30 and the result of the data protection operation is 
output to the host CPU 30 for further processing. 

Reference is now additionally made to FIG. 4, which is a 
simplified pictorial illustration of an alternative preferred 
embodiment of the present invention. The embodiment of 
FIG. 4 is especially applicable for use with step 120 of FIG. 
3. The system of FIG. 4 comprises a computer 170, the 
computer 170 comprising the secure computer system 10. 
The computer 170 is operative to transmit data over a remote 
data link 175 to a remote computer system 180. Protection 
of data transmission is provided by the secure computer 
system 10, as described above. 

If the request is to provide data protection, such as, for 
example, to encrypt or decrypt data which is under control 
of the host CPU 30, the authenticator computer 20 provides 
the data protection (step 130). The data protection may 
comprise encryption as described in DES Modes of Operation, referred to above. Typically, the result of the data protection operation is output to the host CPU 30 for further processing.

If the request is to control access to an external device, the access control request is processed by the authenticator computer 20 (step 140). The external device may comprise any appropriate external device such as, for example, any of the following: a computerized device; a computer peripheral device; a locked door; or any other locked access apparatus. Processing of the access control request typically comprises receiving a request, typically from the host CPU 30, and verifying that the request is legitimate. Verifying that the request is legitimate may be performed using any appropriate method, such as a method well known in the art, for example the methods described by R. L. Rivest, A. Shamir, and L. Adleman, referred to above.

If the request is to verify a smart card, the smart card is verified (step 150). Smart cards, as is well known in the art, may be used in a wide variety of ways, including the following: to store identifying information about an individual; to store personal or medical information about an individual; and/or to store financial information for use in carrying out transactions. Verifying the smart card may include verifying that the smart card is valid, as is well known in the art. Verifying the smart card may also include reading data from the smart card, as is well known in the art. Verifying the smart card may also include carrying out a financial transaction based on information stored in the smart card, as is well known in the art. Methods for verifying a smart card include those described in R. L. Rivest, A. Shamir and L. Adleman, referred to above.

Reference is now additionally made to FIG. 5, which is a simplified pictorial illustration of a further alternative preferred embodiment of the present invention. The system of FIG. 5 comprises a computer 185, the computer 185 comprising the secure computer system 10. The computer 185 is operatively attached to a smart card receiver 190. The smart card receiver 190 is operative to receive a first smart card 195 and, optionally, a second smart card 200 in one or more smart card acceptor sockets 205. It is appreciated that the smart card acceptor sockets 205 are adapted to accept the particular form of the smart cards 195 and 200 chosen for use, and that the card form is shown in FIG. 5 by way of example only.

When the second smart card 200 is used, the first smart card 195 typically represents customer information in a financial transaction, and the second smart card 200 typically represents merchant information or bank teller information in a financial transaction. The secure computer system 10 is operative to verify the first smart card 195 and, optionally, the second smart card 200, as described above. It is appreciated that by using both the first smart card 195 and the second smart card 200 it is possible to record proof of a transaction both on the smart card belonging to the customer such as, for example, the first smart card 195 and on the smart card belonging to the bank such as, for example, the second smart card 200. The transaction proof typically comprises digital signatures of both the customer and the bank teller.

Processing of the smart card verification request typically comprises the authenticator computer 20 receiving a request, typically from the host CPU 30, and verifying that the request is legitimate, with output of the verification being sent to the host CPU 30.

If the request is to provide proof of identity, the authenticator computer 20 provides proof of identity (step 160). Typically, proof of identity comprises proof of identity of the host CPU 30. By storing identity information identifying the host CPU 30, the authenticator computer 20 provides an identification function which may aid in preventing or deterring theft of the host CPU 30. Proof of identity may also comprise proof of identity of a user who requests access to certain protected files or data, in which case proof of identity establishes the user's access rights.

Reference is now additionally made to FIG. 6, which is a simplified pictorial illustration of a still further alternative preferred embodiment of the present invention. The system of FIG. 6 comprises the secure computer system 10. The system of FIG. 6 further comprises a verification unit 210, operatively attached to the secure computer system 10. The connection between the verification unit 210 and the secure computer system 10 is preferably a temporary connection which can be easily made and broken, and preferably comprises a connection to a minimum number of pins within the external connection 35 such as, for example, two pins. The connection between the verification unit 210 and the secure computer system 10 is preferably such that the connection may be made and broken whether or not the secure computer system 10 is installed in a computer.

The verification unit 210 is operative to send a signal to the secure computer system 10, preferably comprising an identification of the verification unit 210. The secure computer system 10 receives the signal and preferably verifies the signal, using verification methods well known in the art, to ensure that the verification unit 210 is authorized to request proof of identity. If the verification unit 210 is so authorized, the secure computer system 10 provides the verification unit 210 with proof of identity, which may be displayed by the verification unit 210, stored in the verification unit 210, and/or output by the verification unit 210.

Proof of identity preferably comprises at least one of the following: serial number; origin, including at least one of manufacturer, date of production, place of production, and batch run of production; and information about a computer or other electronic product or other object in which the secure computer system 10 is used. It may also include public key certificates necessary for controlled use of licensed software. It is appreciated that proof of identity may comprise information relating to one or more of the following: the identity of the secure computer system 10; the identity of the authenticator computer 20; the identity of the host CPU 30; and the identity of the computer or other electronic product or other object in which the secure computer system 10 is used. Proof of identity may also include an audit trail typically comprising historical information concerning the manufacture and use of the secure computer system 10.
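The proof-of-identity exchange of FIG. 6 and the two-card transaction proof of FIG. 5 can be seen together in the following added example. It is not code from the patent, and the patent fixes neither a signature scheme nor a message format: the request and proof records, the nonce, the authorized-unit list held by the authenticator, the audit-trail entries and the names Authenticator, VerificationUnit, transaction_proof and demo are all assumptions made here. Unpadded textbook RSA with freshly generated toy keys stands in for the ST16CF54-class modular-arithmetic engine, to show the protocol structure only; it is not a signing implementation to reuse.

```python
"""Added example, not the patent's own code: the FIG. 6 proof-of-identity exchange
(verification unit 210 <-> authenticator computer 20) and the FIG. 5 two-card transaction
proof. Unpadded textbook RSA on a ~256-bit modulus stands in for the cryptocomputer."""
import hashlib
import json
import secrets
from math import gcd

def _is_probable_prime(n, rounds=20):  # Miller-Rabin; n is always odd and large here
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        if not any((x := x * x % n) == n - 1 for _ in range(r - 1)):
            return False  # a witness to compositeness was found
    return True

def keygen(bits=128):
    """Return ((n, e), (n, d)); every party in the scenario gets its own toy pair."""
    def prime():  # random odd candidate with the top bit set, retried until probably prime
        while True:
            c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
            if _is_probable_prime(c):
                return c
    while True:
        p, q = prime(), prime()
        phi = (p - 1) * (q - 1)
        if p != q and gcd(65537, phi) == 1:
            return (p * q, 65537), (p * q, pow(65537, -1, phi))

def _digest(obj):
    # Canonical JSON so both ends hash identical bytes; 224-bit truncation keeps m < n.
    raw = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(raw).digest()[:28], "big")
def sign(private, obj):
    return pow(_digest(obj), private[1], private[0])
def verify(public, obj, sig):
    return 0 < sig < public[0] and pow(sig, public[1], public[0]) == _digest(obj)

class Authenticator:
    """Stand-in for authenticator computer 20; the authorized-unit list is an assumed policy."""
    def __init__(self, identity, audit_trail, authorized_units):
        self.public, self._private = keygen()
        self._identity = dict(identity)            # serial number, origin, host product
        self._audit_trail = list(audit_trail)      # manufacture and use history
        self._authorized = set(authorized_units)   # public keys allowed to ask for proof
    def prove_identity(self, request, request_sig):
        """First mode of operation: answer only a signed request from an authorized unit."""
        unit_key = tuple(request["unit_public"])
        ok = unit_key in self._authorized and verify(unit_key, request, request_sig)
        self._audit_trail.append({"event": "identity request", "granted": ok})
        if not ok:
            return None
        proof = {"identity": self._identity, "audit_trail": list(self._audit_trail),
                 "nonce": request["nonce"]}
        return proof, sign(self._private, proof)

class VerificationUnit:
    """Stand-in for verification unit 210, which identifies itself by signing its request."""
    def __init__(self):
        self.public, self._private = keygen()
    def request_proof(self, authenticator):
        request = {"unit_public": self.public, "nonce": secrets.randbits(64)}
        result = authenticator.prove_identity(request, sign(self._private, request))
        if result is None:
            return None
        proof, sig = result
        # Accept only a proof signed by the authenticator and bound to our fresh nonce.
        if proof["nonce"] != request["nonce"] or not verify(authenticator.public, proof, sig):
            return None
        return proof

def transaction_proof(transaction, customer_private, teller_private):
    """FIG. 5: one record carrying both the customer's and the bank teller's signatures."""
    return {"transaction": transaction, "customer_sig": sign(customer_private, transaction),
            "teller_sig": sign(teller_private, transaction)}

def verify_transaction_proof(proof, customer_public, teller_public):
    tx = proof["transaction"]
    return (verify(customer_public, tx, proof["customer_sig"])
            and verify(teller_public, tx, proof["teller_sig"]))

def demo():
    """Constructed scenario: an authorized unit, a rogue unit, and a two-card sale."""
    unit, rogue = VerificationUnit(), VerificationUnit()
    auth = Authenticator({"serial": "EXAMPLE-0001", "manufacturer": "ExampleCorp"},
                         [{"event": "manufactured", "date": "1997-02-04"}], [unit.public])
    proof = unit.request_proof(auth)
    (cust_pub, cust_priv), (teller_pub, teller_priv) = keygen(), keygen()
    sale = {"amount": "12.50", "currency": "EUR", "merchant": "demo shop"}
    tp = transaction_proof(sale, cust_priv, teller_priv)
    tampered = dict(tp, transaction=dict(sale, amount="1250.00"))
    return {"proof_serial": proof["identity"]["serial"] if proof else None,
            "rogue_refused": rogue.request_proof(auth) is None,
            "sale_valid": verify_transaction_proof(tp, cust_pub, teller_pub),
            "tamper_detected": not verify_transaction_proof(tampered, cust_pub, teller_pub)}
```

Calling demo() returns a dictionary showing that the authorized unit obtains a signed proof carrying the serial number and audit trail, that a unit whose key the authenticator does not recognize is refused (and the refusal is itself logged in the audit trail), and that the dual-signature transaction record fails verification once the amount is altered. The nonce check on the unit's side is what prevents a recorded proof from being replayed in answer to a later request.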

Reference is now made to FIG. 7, which is a simplified block diagram illustration of the secure computer system 10 of FIG. 1. The system of FIG. 7 is self-explanatory, except as follows. The external connection 35 is preferably fused, to prevent application of an external over-voltage from damaging the authenticator computer 20 and thus removing the authenticator computer 20 from operation. Such damage might otherwise allow access without intervention by the authenticator computer 20: destroying the authenticator, with its unique identity, would allow the use of a stolen CPU.

It is appreciated that the software components of the present invention may, if desired, be implemented in ROM (read-only memory) form. Preferably, in the present invention a ROM would be electrically programmable and masked in during silicon fabrication. Preferably most of the program would be masked in during fabrication. Keys would be generated internally with the true random number generator and stored in electrically programmable ROM, and a proprietary program can be downloaded by a trusted third party using protocols as mentioned above. The software components may, generally, be implemented in hardware, if desired, using any conventional techniques.

It is appreciated that various features of the invention 
which are, for clarity, described in the contexts of separate 
embodiments may also be provided in combination in a 
single embodiment. Conversely, various features of the 
invention which are, for brevity, described in the context of 
a single embodiment may also be provided separately or in 
any suitable combination. 

It will be appreciated by persons skilled in the art that the 
present invention is not limited to what has been particularly 
shown and described hereinabove. Rather, the scope of the 
present invention is defined only by the claims that follow: 

What is claimed is: 

1. A secure computer system comprising:

a host computer unit having embedded in a single package:

a host CPU; and

an authenticating and security controlling computer;

a verification unit; and

a smart card accepting connector providing a public-key protected communication channel between the authenticating and security controlling computer and the verification unit, in a first mode of operation of the secure computer system, and between the host CPU, via the authenticating and security controlling computer, and a smart card, via a smart card terminal, in a second mode of operation of the secure computer system;

wherein communication between the authenticating and security controlling computer and the smart card terminal is unmediated; and

wherein the verification unit is operative to verify the identity of the authenticating and security controlling computer in said first mode of operation.

2. A system according to claim 1, wherein the communication between the authenticating and security controlling computer and the smart card terminal is not mediated by intervening software units.

3. A method for securing a computer system comprising:

providing a host computer unit including embedding a host CPU and an authenticating and security controlling computer in a single package;

providing a smart card accepting connector comprising a public-key protected communication channel between, in a first mode of operation of the computer system, the authenticating and security controlling computer and a verification unit, and between, in a second mode of operation of the computer system, the host CPU, via the authenticating and security controlling computer, and a smart card, via a smart card terminal;

wherein communication between the authenticating and security controlling computer and the smart card terminal is unmediated; and wherein the verification unit is operative to verify the identity of the authenticating and security controlling computer in said first mode of operation.